Method for detecting TCP/IP protocol concealed channel based on fuzzy neural network

A technology of fuzzy neural network and covert channel, which is applied in the field of information security and neural network, can solve problems such as no special method, and achieve simple, good scalability, and accurate detection

Inactive Publication Date: 2008-09-03
ZHEJIANG UNIV
View PDF0 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These methods are all aimed at the covert channel in the operating system. At present, there is no special method for network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting TCP/IP protocol concealed channel based on fuzzy neural network
  • Method for detecting TCP/IP protocol concealed channel based on fuzzy neural network
  • Method for detecting TCP/IP protocol concealed channel based on fuzzy neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The TCP / IP protocol covert channel detection method based on fuzzy neural network comprises the following steps:

[0030] 1. Establish a filter, filter the data packets passing through the network interface according to the filtering rules, and capture the TCP / IP data packets output on the network interface;

[0031] 2. Analyze the option field in the data packet header structure to form a feature vector, and then input the feature vector into the fuzzy neural network;

[0032] 3. The fuzzy neural network processes the feature vector, and finally performs fuzzy clustering on the output result, and judges whether there is a hidden channel through the output result.

[0033] The TCP / IP protocol packet output on the described capture network interface comprises the steps:

[0034] 1) Create a filter and pass the pointer of the data link layer packet to the filter;

[0035] (1) Create a filter. In order to speed up the filtering, the filter virtual machine method is used ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting TCP/IP protocol covert channel based on fuzzy neural network. The method adopting the fuzzy neural network introduces a novel method for detecting the network covert channel by analyzing a domain in a TCP/IP data package head structure of a network interface. The method firstly obtains the TCP/IP data package from the network interface, analyzes the option domain in the data package head structure to obtain a network connection feature vector, sends the feature vector into the fuzzy neural network, trains the fuzzy neural network by a self-adapting fuzzy neural inference system to form a model of the fuzzy neural network, subsequently, sends the feature vector into the model of trained fuzzy neural network to get an output value, and finally performs fuzzy clustering onto the output value so as to distinguish whether the output data has covert channel. The invention is applicable for a mainstream operating system, has wide application range, can increase the security of the operating system and effectively prevents secret information leakage.

Description

technical field [0001] The invention relates to the fields of information security and neural network, in particular to a method for detecting a concealed channel of TCP / IP protocol based on fuzzy neural network. Background technique [0002] Covert channel is a mechanism of information transmission in violation of security policy, and it is also a difficult problem in the field of information security. According to the requirements of the "Trusted Computer System Evaluation Criteria" (TCSEC) promulgated by the US Department of Defense, covert channel analysis must be performed on systems with B2 security level and above, and the bandwidth of the covert channel must be estimated, and then the processing of the covert channel must be determined according to the bandwidth. . my country's national standard GB17859-1999 "Computer Information System Security Protection Classification Criteria", as well as other relevant international and domestic standards, have similar provisio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L29/06
Inventor 王建强平玲娣潘雪增姜励陈小平李善平陈健
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap